[Secure-testing-commits] r24367 - data/CVE

Salvatore Bonaccorso Wed, 20 Nov 2013 22:51:16 -0800

Author: carnil
Date: 2013-11-21 06:50:14 +0000 (Thu, 21 Nov 2013)
New Revision: 24367


Modified:
   data/CVE/list
Log:
Update entry for CVE-2013-1417: mark not-affected for squeeze and wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-11-21 06:44:26 UTC (rev 24366)
+++ data/CVE/list       2013-11-21 06:50:14 UTC (rev 24367)
@@ -13995,6 +13995,9 @@
 CVE-2013-1417 [KDC null deref due to referrals]
        RESERVED
        - krb5 <unfixed>
+       [squeeze] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
+       [wheezy] - krb5 <not-affected> (Vulnerable code only present in 1.11.x)
+       NOTE: 
https://github.com/krb5/krb5/commit/4c023ba43c16396f0d199e2df1cfa59b88b62acc
 CVE-2013-1416 (The prep_reprocess_req function in do_tgs_req.c in the Key ...)
        - krb5 1.10.1+dfsg-5 (low; bug #704775)
        [squeeze] - krb5 <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r24367 - data/CVE

Reply via email to